[Secure-testing-commits] r4073 - data/CVE
Joey Hess
joeyh at costa.debian.org
Thu May 25 09:14:30 UTC 2006
Author: joeyh
Date: 2006-05-25 09:14:26 +0000 (Thu, 25 May 2006)
New Revision: 4073
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-25 08:27:12 UTC (rev 4072)
+++ data/CVE/list 2006-05-25 09:14:26 UTC (rev 4073)
@@ -1,3 +1,69 @@
+CVE-2006-2580 (Multiple unspecified vulnerabilities in HP OpenView Network Node ...)
+ TODO: check
+CVE-2006-2579 (Unspecified vulnerability in HP OpenView Storage Data Protector 5.1 ...)
+ TODO: check
+CVE-2006-2578 (admin/cron.php in eSyndicat Directory 1.2, when register_globals is ...)
+ TODO: check
+CVE-2006-2577 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...)
+ TODO: check
+CVE-2006-2576 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...)
+ TODO: check
+CVE-2006-2575 (The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and ...)
+ TODO: check
+CVE-2006-2574 (Multiple unspecified vulnerabilities in Software Distributor in HP-UX ...)
+ TODO: check
+CVE-2006-2573 (SQL injection vulnerability in index.php in DGBook 1.0, with ...)
+ TODO: check
+CVE-2006-2572 (Cross-site scripting (XSS) vulnerability in index.php in DGBook 1.0 ...)
+ TODO: check
+CVE-2006-2571 (Cross-site scripting (XSS) vulnerability in search.html in Alkacon ...)
+ TODO: check
+CVE-2006-2570 (PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 ...)
+ TODO: check
+CVE-2006-2569 (SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and ...)
+ TODO: check
+CVE-2006-2568 (PHP remote file inclusion vulnerability in addpost_newpoll.php in ...)
+ TODO: check
+CVE-2006-2567 (Cross-site scripting (XSS) vulnerability in submit_article.php in ...)
+ TODO: check
+CVE-2006-2566 (Alstrasoft Article Manager Pro 1.6 allows remote attackers to obtain ...)
+ TODO: check
+CVE-2006-2565 (SQL injection vulnerability in Alstrasoft Article Manager Pro 1.6 ...)
+ TODO: check
+CVE-2006-2564 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2006-2563
+ RESERVED
+CVE-2006-2562 (ZyXEL P-335WT router allows remote attackers to bypass access ...)
+ TODO: check
+CVE-2006-2561 (Edimax BR-6104K router allows remote attackers to bypass access ...)
+ TODO: check
+CVE-2006-2560 (Sitecom WL-153 router firmware before 1.38 allows remote attackers to ...)
+ TODO: check
+CVE-2006-2559 (Linksys WRT54G Wireless-G Broadband Router allows remote attackers to ...)
+ TODO: check
+CVE-2006-2558 (Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier ...)
+ TODO: check
+CVE-2006-2557 (PHP remote file inclusion vulnerability in extras/poll/poll.php in ...)
+ TODO: check
+CVE-2006-2556 (Cross-site scripting (XSS) vulnerability in Florian Amrhein NewsPortal ...)
+ TODO: check
+CVE-2006-2555 (The parse_command function in Genecys 0.2 and earlier allows remote ...)
+ TODO: check
+CVE-2006-2554 (Buffer overflow in the tell_player_surr_changes function in Genecys ...)
+ TODO: check
+CVE-2006-2553 (Cross-site scripting (XSS) vulnerability in Jemscripts DownloadControl ...)
+ TODO: check
+CVE-2006-2552 (Jemscripts DownloadControl 1.0 allows remote attackers to obtain ...)
+ TODO: check
+CVE-2006-2551 (Unspecified vulnerability in the kernel in HP-UX B.11.00 allows local ...)
+ TODO: check
+CVE-2002-2213 (The DNS resolver in unspecified versions of Infoblox DNS One, when ...)
+ TODO: check
+CVE-2002-2212 (The DNS resolver in unspecified versions of Fujitsu UXP/V, when ...)
+ TODO: check
+CVE-2002-2211 (BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary ...)
+ TODO: check
CVE-2006-2550 (perlpodder before 0.5 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: perlpodder
CVE-2006-XXXX [shadow useradd arbitrary file chmod?]
@@ -3,6 +69,6 @@
NOTE: CERT VU#312962, no exact information yet, might be a non-issue
- shadow 1:4.0.15-10 (low)
-CVE-2006-2549
- RESERVED
+CVE-2006-2549 (Stack-based buffer overflow in PDF Form Filling and Flattening Tool ...)
+ TODO: check
CVE-2006-2548 (Prodder before 0.5, and perlpodder before 0.5, allows remote attackers ...)
NOT-FOR-US: prodder/perlpodder
@@ -58,7 +124,7 @@
NOT-FOR-US: UseBB
CVE-2006-2523 (PHP remote file inclusion vulnerability in config.php in phpListPro ...)
NOT-FOR-US: phpListPro
-CVE-2006-2522 (Dayfox Blog 2.0 and ealier stores user credentials in ...)
+CVE-2006-2522 (Dayfox Blog 2.0 and earlier stores user credentials in ...)
NOT-FOR-US: Dayfox
CVE-2006-2521 (PHP remote file inclusion vulnerability in cron.php in phpMyDirectory ...)
NOT-FOR-US: phpMyDirectory
@@ -498,8 +564,7 @@
NOT-FOR-US: Intel Windows software
CVE-2006-2315 (PHP remote file inclusion vulnerability in session.inc.php in ...)
NOT-FOR-US: ISPConfig
-CVE-2006-2314 [PostgreSQL string encoding interpretation conflict]
- RESERVED
+CVE-2006-2314 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before ...)
- postgresql 7.5.4 (medium; bug #368645)
- postgresql-7.4 1:7.4.13-1 (medium)
- postgresql-8.0 <unfixed> (medium)
@@ -507,8 +572,7 @@
NOTE: Beginning with version 7.5.4, postgresql is a transition
NOTE: package which does not contain actual code. That's why
NOTE: it's marked as fixed here. (Previous versions are vulnerable.)
-CVE-2006-2313 [Too lenient UTF-8 etc. decoders in PostgreSQL]
- RESERVED
+CVE-2006-2313 (PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before ...)
- postgresql 7.5.4 (high; bug #368645)
- postgresql-7.4 1:7.4.13-1 (high)
- postgresql-8.0 <unfixed> (high)
@@ -1546,8 +1610,8 @@
- linux-2.6 2.6.16-13
CVE-2006-1863 (Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier ...)
- linux-2.6 2.6.16-10
-CVE-2006-1862
- RESERVED
+CVE-2006-1862 (The virtual memory implementation in Linux kernel 2.6.x allows local ...)
+ TODO: check
CVE-2006-1861 (Multiple integer overflows in FreeType before 2.2 allow remote ...)
TODO: check
CVE-2006-1860 (lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows ...)
@@ -2647,8 +2711,8 @@
RESERVED
CVE-2006-1467
RESERVED
-CVE-2006-1466
- RESERVED
+CVE-2006-1466 (Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects ...)
+ TODO: check
CVE-2006-1465 (Buffer overflow in Apple QuickTime before 7.1 allows remote attackers ...)
NOT-FOR-US: Apple
CVE-2006-1464 (Buffer overflow in Apple QuickTime before 7.1 allows remote attackers ...)
@@ -16401,7 +16465,7 @@
NOT-FOR-US: LinPHA
CVE-2004-2065 (DansGuardian 2.8 and earlier allows remote attackers to bypass the ...)
- dansguardian 2.5.2-0-0.1
-CVE-2004-2064 (Cross-site scripting (XSS) vulnerability in lostBook 1.1 and ealier ...)
+CVE-2004-2064 (Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier ...)
NOT-FOR-US: lostBook
CVE-2004-2063 (Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard ...)
NOT-FOR-US: AntiBoard
More information about the Secure-testing-commits
mailing list